Ciaran Martin, former CEO of the UK National Cyber Security Centre, and Rahul Powar, CEO of Red Sift
The internet’s foundational promise is one of connection, opportunity, and innovation. But as technological innovation grows, so do the risks. The challenge is clear: how do we create a fundamentally safer internet while empowering organisations of all sizes to thrive in a digital-first world?
At its core, this mission is about simplicity and collaboration. Initiatives like the UK’s Active Cyber Defence (ACD) demonstrate the transformative power of accessible security protocols. This includes tools like Mail Check, designed to assess and improve an organisation’s email security posture by analysing key authentication protocols such as DMARC (Domain-based Message Authentication, Reporting & Conformance), reducing security risks. The ACD is proof that even basic measures, implemented at scale, can create a measurable impact, particularly through collaboration between the public and private sector to improve security for everyone—not just for organisations with large budgets or dedicated security teams.
Cybersecurity is not just a tick box exercise
Fundamentally, cybersecurity cannot be a one-off fix; it’s an ongoing practice. Consider email, still the backbone of communication for businesses and governments and one of the biggest entry points for bad actors. Protecting these organisations from harm, including phishing emails, requires innovative tools and solutions like DMARC to secure outbound communications.
In 2024, we witnessed an increase in adoption of DMARC records with many organisations scrambling to implement basic authentication (including DMARC reporting), following Google and Yahoo announcing new requirements for bulk senders. With industry leaders pushing for change, a clear appetite for ongoing vigilance emerged, but this remains gradual. Research by Red Sift found 86.62% of domains—from a global sample of 72 million—still lacked a basic DMARC record one year later. For government organisations, the picture is looking more positive with 52.7% implementing a DMARC policy of quarantine or reject. While DMARC provides a powerful way to block fraudulent outbound emails, it can only achieve maximum effectiveness when properly enforced across the ecosystem.
In 2025, collaboration is key, with public and private sector organisations needing to work in unison to provide vital services such as data sharing, and centered on a unified message of reaching DMARC enforcement, mitigating against cyber threats. When both implement the same best practices and have access to the most innovative tools, it is possible to achieve complete visibility across email communication and create a safer internet for all.
New regulations require new tools
Cybersecurity is dynamic and complex. Bad actors are constantly innovating, finding new ways to exploit gaps in security protocols. A decade ago, DMARC adoption was largely driven by industry leaders and government initiatives encouraging better email authentication. Today, the stakes are higher, and compliance is often mandatory under frameworks like PCI DSS 4.0 or regulations such as the European Union’s (EU) Digital Operational Resilience Act (DORA). Both PCI-DSS and the DORA emphasise email security as a critical component of protecting sensitive data and ensuring operational resilience. While neither regulation explicitly mandates DMARC, they strongly encourage businesses to implement email authentication measures like DMARC, SPF, and DKIM as part of their broader cybersecurity framework.
Still, enforcement is only part of the solution. True protection requires an ongoing commitment to maintaining compliance and adapting to new threats. For instance, as organisations grow and adopt new technologies, their email-sending infrastructure often evolves. New servers, expired domains, marketing platforms, and third-party tools introduce complexities that must be carefully managed to prevent security gaps. Without continuous monitoring and maintenance, even well-implemented security protocols can degrade over time, leaving businesses exposed to risks they thought they had mitigated.
This is where automation and advanced tooling come into play. Tools that provide real-time monitoring, forensic reporting, and automated issue resolution enable organisations to keep up with the demands of modern cybersecurity. By reducing the burden on IT teams, these tools make it feasible for even SMEs to implement and maintain robust security measures. The result is a more secure internet for everyone.
Navigating shared responsibility
Beyond the technical challenges, there is also a cultural aspect to building a safer internet. Cybersecurity must be seen as a shared responsibility. Governments, private sector organisations, and individual practitioners all have roles to play. Programmes like the ACD demonstrate how public-private partnerships can create meaningful change. By working together to tackle systemic issues, we can achieve outcomes that no single entity could accomplish alone. For example, the automated takedown of malicious websites—a key component of the ACD—was only possible through collaboration between government agencies and private-sector contractors. The results speak for themselves: fewer malicious sites, fewer opportunities for exploitation, and a more secure digital environment for all users.
As practitioners, it’s easy to focus on the latest technologies that dominate headlines—artificial intelligence, anomaly detection, or advanced threat intelligence to name a few. While these are important, they should not overshadow the basics. Ensuring that every email sent from your domain is authenticated, that your servers are encrypted by default, and that your DNS records are properly configured might not be glamorous or excite a boardroom, but these measures are foundational. They reduce risks at scale and provide a baseline of security that protects everyone, from individual users to large organisations.
Make it accessible and educational
The cybersecurity community faces an important question: how do we build on these successes to create even greater resilience? The answer lies in innovation that prioritises accessibility. Security solutions must be easy to adopt and scalable for organisations of all sizes. Whether it’s simplifying the deployment of protocols like MTA-STS (Mail Transfer Agent Strict Transport Security) or creating intuitive dashboards that make complex tasks simple and actionable, the focus should be on empowering users to take control of their security posture.
The need for education and awareness are also critical factors. Many organisations are still unaware of the tools and protocols available to them or lack the expertise to implement them effectively, not to mention the full scale consequences of remaining unsecured. Bridging this gap requires not just technical solutions but also outreach, training, and resources that make cybersecurity accessible to all.
The path to a safer internet might sound gritty, but if implemented effectively, it will be transformative. Today we should work towards ensuring that every business, regardless of size or resources, has access to the information, guidance, and tools available to stay protected, while building a shared responsibility to reach enforcement, through DMARC and other protocols. By focusing on a collective goal and leveraging scalable security protocols, we can build an internet that’s not just innovative, but resilient. Together, we can create an environment accessible to all, without compromising on security or trust.
